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ABSTRACT 





Nowadays E-Commerce market is astonishingly growing throughout the world. Due to increase in online transaction, Debit or Credit card fraud and personal 
information security are major concerns for customers, merchants and banks. This paper presents a new approach for providing limited information only that is 
necessary for fund transfer during online shopping thereby safeguarding customer data, increasing customer confidence and preventing identity theft. A novel family 
of graphical password systems built on top of Captcha technology. It addresses a number of security problems altogether, such as online guessing attacks. The method 


uses combination of application of Captcha and visual cryptography for this purpose. 
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I. INTRODUCTION 

In every work of a daily life internet has become most used standard for commu- 
nication, socialization and online transactions. Many of us work on the internet 
for transmitting confidential information in various form. Hence, secure commu- 
nication of data is an important issue to be consider. There are various techniques 
used for securing data like encryption, visual cryptography, image hiding etc. As 
digitalization progresses online shopping has made human life more easier than 
ever. But increase in online transaction, Debit or Credit card fraud and personal 
information security are major concerns for customers, merchants and banks. 
Many facilities are available for easier and more secure transaction. But the 
frauds are still there. In this paper a method is proposed to develop a well promis- 
ing secure system in which we are going to use visual cryptography along with 
Captcha technique. With the help of Visual cryptography the secret image 1.e, 
Captcha is divided into two shares and distributed to the recipient in various 
modes. Received shares are stacked together to produce the original secret image 
back. 


II. PREVIOUS METHODOLOGY 

It is nearly impossible to be sure whether a device that is connected to the internet 
should be considered trustworthy and all sensitive details like bank account num- 
ber, ATM pin, etc. are secure or not. The problems which are occurring in transac- 
tion processing system are, the need to handle thousands of simultaneous user, 
the need to allow many users to work on the same set of data, with immediate 
updating and the need to handle errors in a safe and consistent manner. 


Phishing is another problem for online transactions. A phishing website or mes- 
sage tries to trick the user into revealing personal information by appearing to be 
from an original source, such as a social network, bank, or even Google. Commu- 
nication channels such as email, webpage, IRC and instant messaging services 
are popular. Phishing is a recurrent threat that is growing rapidly these days. Thus 
to overcome the drawbacks of current system we are implementing Captcha 
along with enhanced Visual Cryptography technique. 


Il. PROPOSED METHODOLOGY 

The proposed scheme is the generation of two shares with the help of Visual Cryp- 
tography. For authentication of user the system first generates OTP and then OTP 
is converted into Captcha. By applying Visual Cryptography algorithm on the 
Captcha image shares are generated. 


A. CAPTCHA 

A CAPTCHA stands for Completely Automated Public Turing test to tell Com- 
puters and Humans Apart. It is a type of test used in computing to determine 
whether or not the user is human. Captcha is usually a graphic image with a series 
of distorted letters on an equally distorted or multi-coloured background. 


This technology is used mostly to block spammers that try to automatically har- 
vest email addresses or try to automatically sign up for or make use of websites 
blogs or forums. It takes an average person approximately 10sec to solve a typi- 
cal Captcha. 


B. Visual Cryptography 

Due to advances in digital world security has become inseperable issue while 
transmitting image. Visual Cryptography is a technique developed by Moni Naor 
and Adi shamir in 1994. It is a special encryption technique to hide information in 
images in such a way that it can be decrypted by human vision if the correct key 
images are used. 
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Fig 1. Generation of shares 


In the proposed method original image is split into two component images. As 
shown in Fig.1 each component image has a pair of pixel for every pixel in the 
original image. For each pixel of the original image two matrices of size 2x2 are 
generated. First matrix is generated randomly by the system and other matrix is 
generated by XOR operation between the randomly generated matrix and pixel 
value of the original image. When both the shares are received by the recipients 
they are overlapped using AND operation. Thus original key image is generated. 


IV.SYSTEM ARCHITECTURE 
The System Architecture shown in Fig2. consists of client, Merchant Server and 
Bank Server. 


Client: Client is a person who wants to buy some product online on merchant 
site, But it is necessary that the person knows the merchant site is fraud or real. 
For that user first enter OTP which can generate by bank and then verify that mer- 
chant site is phishing or not. After know that merchant site is real customer com- 
plete further proceed and select or buy product. 


Merchant Server: Merchant server hosts the original website it consists of all 
the database of products it is managed by DBA. It is registered with bank server. 
Merchant verify if the user is authentic or not by using Login functionality. Mer- 
chant sends its Server ID and Unique Customer ID to bank server for verification 
purpose. Adding removing products into cart. Managing database of products. 
Also checking transactions that has happened. 


Bank Server: Bank server verifies client and merchant server using client UID 
or merchant id. Bank server creating Hash Function for OTP. It divide's OTP 
into two share's. Bank sends OTP shares to merchant and client. At last entered 
OTP is verified whether it is correct or not. 
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Fig 2.System Architecture 


V. APPLICATIONS 

Proposed Online payment systems protect consumer personal information by not 
requiring the disclosure of account numbers or other sensitive personal data to 
online merchants or other third parties. During the checkout process, the mer- 
chant redirects the consumer to their financial institution's online banking site 
where they login and authorize charges. After charges are authorized, the finan- 
cial institution redirects the consumer back to the merchant site. All network com- 
munications are protected using encryption 


VI. CONCLUSION AND FUTURE SCOPE 

With the growing cashless era, issues of secure transactions arise. Because of 
that, to help the user to transact fearlessly, a method is presented to protect user 
from phishing website and avoid misuse of the credentials. Hence the system will 
initiate more secure online transactions. 


For processing large scale of data Hadoop or Big Data can be used. Instead of 
Captcha QR can be used. System can be enhanced to cloud environment where 
based on number of user access, cloud configuration will change and minimize 
the response time. In addition mobile application can be developed for imple- 
menting the system. 
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